@optimizely-opal/opal-tool-ocp-sdk 0.0.0-devmg.13 → 1.0.0-beta.1

package/src/function/ToolFunction.ts

@@ -1,7 +1,6 @@
-import { Function, Response, amendLogContext, getAppContext, logger } from '@zaiusinc/app-sdk';
+import { Function, Response, amendLogContext } from '@zaiusinc/app-sdk';
+import { authenticateRegularRequest } from '../auth/AuthUtils';
 import { toolsService } from '../service/Service';
-import { getTokenVerifier } from '../auth/TokenVerifier';
-import { OptiIdAuthData } from '../types/Models';
 
 /**
  * Abstract base class for tool-based function execution
@@ -41,45 +40,9 @@ export abstract class ToolFunction extends Function {
   /**
    * Authenticate the incoming request by validating the OptiID token and organization ID
    *
-   * @throws true if authentication succeeds
+   * @returns true if authentication succeeds
    */
   private async authorizeRequest(): Promise<boolean> {
-    if (this.request.path === '/discovery' || this.request.path === '/ready') {
-      return true;
-    }
-    const authData = this.request.bodyJSON?.auth as OptiIdAuthData;
-    const accessToken = authData?.credentials?.access_token;
-    if (!accessToken || authData?.provider?.toLowerCase() !== 'optiid') {
-      logger.error('OptiID token is required but not provided');
-      return false;
-    }
-
-    const customerId = authData.credentials?.customer_id;
-    if (!customerId) {
-      logger.error('Organisation ID is required but not provided');
-      return false;
-    }
-
-    const appOrganisationId = getAppContext().account?.organizationId;
-    if (customerId !== appOrganisationId) {
-      logger.error(`Invalid organisation ID: expected ${appOrganisationId}, received ${customerId}`);
-      return false;
-    }
-
-    return await this.validateAccessToken(accessToken);
+    return await authenticateRegularRequest(this.request);
   }
-
-  private async validateAccessToken(accessToken: string | undefined): Promise<boolean> {
-    try {
-      if (!accessToken) {
-        return false;
-      }
-      const tokenVerifier = await getTokenVerifier();
-      return await tokenVerifier.verify(accessToken);
-    } catch (error) {
-      logger.error('OptiID token validation failed:', error);
-      return false;
-    }
-  }
-
 }

package/src/index.ts

@@ -1,4 +1,5 @@
 export * from './function/ToolFunction';
+export * from './function/GlobalToolFunction';
 export * from './types/Models';
 export * from './decorator/Decorator';
 export * from './auth/TokenVerifier';

package/src/service/Service.ts

@@ -3,14 +3,13 @@ import { AuthRequirement, Parameter } from '../types/Models';
 import * as App from '@zaiusinc/app-sdk';
 import { logger } from '@zaiusinc/app-sdk';
 import { ToolFunction } from '../function/ToolFunction';
+import { GlobalToolFunction } from '../function/GlobalToolFunction';
 
 /**
  * Default OptiID authentication requirement that will be enforced for all tools
  */
 const DEFAULT_OPTIID_AUTH = new AuthRequirement('OptiID', 'default', true);
 
-
-
 /**
  * Result type for interaction handlers
  */
@@ -28,7 +27,11 @@ export class Interaction<TAuthData> {
   public constructor(
     public name: string,
     public endpoint: string,
-    public handler: (functionContext: ToolFunction, data: unknown, authData?: TAuthData) => Promise<InteractionResult>
+    public handler: (
+      functionContext: ToolFunction | GlobalToolFunction,
+      data: unknown,
+      authData?: TAuthData
+    ) => Promise<InteractionResult>
   ) {}
 }
 
@@ -55,7 +58,11 @@ export class Tool<TAuthData> {
     public description: string,
     public parameters: Parameter[],
     public endpoint: string,
-    public handler: (functionContext: ToolFunction, params: unknown, authData?: TAuthData) => Promise<unknown>,
+    public handler: (
+      functionContext: ToolFunction | GlobalToolFunction,
+      params: unknown,
+      authData?: TAuthData
+    ) => Promise<unknown>,
     public authRequirements: AuthRequirement[] = [DEFAULT_OPTIID_AUTH]
   ) {}
 
@@ -108,14 +115,25 @@ export class ToolsService {
   public registerTool<TAuthData>(
     name: string,
     description: string,
-    handler: (functionContext: ToolFunction, params: unknown, authData?: TAuthData) => Promise<unknown>,
+    handler: (
+      functionContext: ToolFunction | GlobalToolFunction,
+      params: unknown,
+      authData?: TAuthData
+    ) => Promise<unknown>,
     parameters: Parameter[],
     endpoint: string,
     authRequirements?: AuthRequirement[]
   ): void {
     // Enforce OptiID authentication for all tools
     const enforcedAuthRequirements = this.enforceOptiIdAuth(authRequirements);
-    const func = new Tool<TAuthData>(name, description, parameters, endpoint, handler, enforcedAuthRequirements);
+    const func = new Tool<TAuthData>(
+      name,
+      description,
+      parameters,
+      endpoint,
+      handler,
+      enforcedAuthRequirements
+    );
     this.functions.set(endpoint, func);
   }
 
@@ -127,15 +145,21 @@ export class ToolsService {
    */
   public registerInteraction<TAuthData>(
     name: string,
-    handler: (functionContext: ToolFunction, data: unknown, authData?: TAuthData) => Promise<InteractionResult>,
+    handler: (
+      functionContext: ToolFunction | GlobalToolFunction,
+      data: unknown,
+      authData?: TAuthData
+    ) => Promise<InteractionResult>,
     endpoint: string
   ): void {
     const func = new Interaction<TAuthData>(name, endpoint, handler);
     this.interactions.set(endpoint, func);
   }
 
-  public async processRequest(req: App.Request,
-                              functionContext: ToolFunction): Promise<App.Response> {
+  public async processRequest(
+    req: App.Request,
+    functionContext: ToolFunction | GlobalToolFunction
+  ): Promise<App.Response> {
     if (req.path === '/discovery') {
       return new App.Response(200, { functions: Array.from(this.functions.values()).map((f) => f.toJSON()) });
     } else {